Ticket #34905: 34905.2.diff

src/wp-admin/js/password-strength-meter.js

@@ -18 +18 @@
                         if (password1 != password2 && password2 && password2.length > 0)
                                 return 5;
 
+                        if ( 'undefined' === typeof window.zxcvbn ) {
+                                // Password strength unknown
+                                return -1;
+                        }
+
                         var result = zxcvbn( password1, blacklist );
                         return result.score;
                 },

src/wp-admin/js/user-profile.js

@@ -30 +30 @@
         function generatePassword() {
                 if ( typeof zxcvbn !== 'function' ) {
                         setTimeout( generatePassword, 50 );
-                } else {
+                        return;
+                } else if ( ! $pass1.val() ) {
+                        // zxcvbn loaded before user entered password.
                         $pass1.val( $pass1.data( 'pw' ) );
                         $pass1.trigger( 'pwupdate' ).trigger( 'wp-check-valid-field' );
-                        if ( 1 !== parseInt( $toggleButton.data( 'start-masked' ), 10 ) ) {
-                                $pass1Wrap.addClass( 'show-password' );
-                        } else {
-                                $toggleButton.trigger( 'click' );
-                        }
                 }
+                else {
+                        // zxcvbn loaded after the user entered password, check strength.
+                        check_pass_strength();
+                }
+
+                if ( 1 !== parseInt( $toggleButton.data( 'start-masked' ), 10 ) ) {
+                        $pass1Wrap.addClass( 'show-password' );
+                } else {
+                        $toggleButton.trigger( 'click' );
+                }
+
+                // Once zxcvbn loads, passwords strength is known.
+                $( '#pw-weak-text-label' ).html( userProfileL10n.warnWeak );
         }
 
         function bindPass1() {
@@ -289 +299 @@
                 strength = wp.passwordStrength.meter( pass1, wp.passwordStrength.userInputBlacklist(), pass1 );
 
                 switch ( strength ) {
+                        case -1:
+                                $( '#pass-strength-result' ).addClass( 'bad' ).html( pwsL10n.unknown );
+                                break;
                         case 2:
                                 $('#pass-strength-result').addClass('bad').html( pwsL10n.bad );
                                 break;

src/wp-admin/user-edit.php

@@ -531 +531 @@
         <td>
                 <label>
                         <input type="checkbox" name="pw_weak" class="pw-checkbox" />
-                        <?php _e( 'Confirm use of weak password' ); ?>
+                        <span id="pw-weak-text-label"><?php _e( 'Confirm use of potentially weak password' ); ?></span>
                 </label>
         </td>
 </tr>

src/wp-includes/script-loader.php

@@ -379 +379 @@
 
         $scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'zxcvbn-async' ), false, 1 );
         did_action( 'init' ) && $scripts->localize( 'password-strength-meter', 'pwsL10n', array(
+                'unknown'  => _x( 'Password strength unknown', 'password strength' ),
                 'short'    => _x( 'Very weak', 'password strength' ),
                 'bad'      => _x( 'Weak', 'password strength' ),
                 'good'     => _x( 'Medium', 'password strength' ),
@@ -389 +390 @@
         $scripts->add( 'user-profile', "/wp-admin/js/user-profile$suffix.js", array( 'jquery', 'password-strength-meter', 'wp-util' ), false, 1 );
         did_action( 'init' ) && $scripts->localize( 'user-profile', 'userProfileL10n', array(
                 'warn'     => __( 'Your new password has not been saved.' ),
+                'warnWeak' => __( 'Confirm use of weak password.' ),
                 'show'     => __( 'Show' ),
                 'hide'     => __( 'Hide' ),
                 'cancel'   => __( 'Cancel' ),